SAN DIEGO, CA -- (Marketwire) -- 12/03/09 -- Websense, Inc. (NASDAQ: WBSN) today released
its list of security predictions and trends anticipated for 2010.
Researchers in the Websense® Security
Labs(TM) have identified emerging security exploits and trends
anticipated to increase during the next 12 months. The emerging
trends and predictions show an overall blending of security threats
across multiple attack vectors for the purpose of roping computers into bot
networks and stealing valuable confidential information. Researchers
believe that hackers will look to compromise new platforms such as
smartphones and take advantage of the popularity of Windows 7. They are
also expected to compromise the integrity of search engine results and use
legitimate advertisements to spread their malicious content.

"Threats on the Web continue to parallel Internet users' Web use patterns,"
said Dan Hubbard, chief technology officer, Websense. "As audiences are
moving quickly into the social Web, so are the attacks. Additionally, as
emerging operating systems and platforms like Macs and mobile devices
become more popular, they are more targeted. At the same time, malicious
attackers are increasing the number of traditional attacks on PCs, with
quickly changing tactics and new twists on old exploits."

In the past year, Websense Security Labs noted an increase in botnet groups
following each other and using similar spam/Web campaigns tactics such as
fake DHL and USPS notifications and other copy-cat behavior. We expect this
to continue in 2010. In addition, we anticipate more aggressive behavior
between different botnet groups including bots with the ability to detect
and actively uninstall competitor bots. Websense Security Labs has already
seen some turf wars, with the Bredolab botnet disabling the
Zeus/Zbot on infected computers.

3. Email gains traction again as a top vector for malicious attacks

In 2010, email used as a vector for spreading malicious attacks will evolve
in sophistication. During 2009, Websense Security Labs saw a huge uptake in emails being
used to spread files and deliver Trojans as email attachments, after
being nearly non-existent for several years. Attackers are more often using
timely topics to lure recipients to open mail, attachments and click on
malicious links. Not only are more emails containing malicious attachments,
researchers also have seen increased sophistication of blended attacks that
are difficult to close down. During 2010, this trend will continue and we
will see more emails containing malicious data stealing attachments and
malicious URLs.

With the expected fast adoption of Windows 7, we will see more malicious
attacks targeting the new operating system with specific tricks to bypass
User Access Control warnings, and greater exploitation of Internet Explorer
8. The User Access Control in Vista was originally implemented to prevent
malware from making permanent changes to the system such as startup files.
However, it allowed pop-ups every time a change was made to the system,
such as a change to an IP address, time zone, etc. The pop-ups occurred so
frequently that users ignored the warnings or turned off the feature
leaving them vulnerable. While Windows 7 tries to reduce the pop-ups by
allowing four levels of User Access Control, security challenges to the
interface and the operating system still exist. In fact, during a Patch
Tuesday cycle in October 2009, five updates were for Windows 7 -- even
before it was released to the general public.

5. Don't Trust Your Search Results

A malicious SEO poisoning attack, also known as a Blackhat SEO attack,
occurs when hackers compromise search engine results to make their links
appear higher than legitimate results. As a user searches for related
terms, the infected links appear near the top of the search results,
generating a greater number of clicks to malicious Web sites. In the last
year, attackers have used this technique to poison search results on
everything from
MTV VMA awards and Google Wave invites, to iPhone SMS features and Labor Day sales. SEO poisoning attacks are successful because as soon
as a malicious campaign is recognized and removed from search results, the
attackers simply redirect their botnets to a new, timely search term. These
ongoing campaigns are likely to gain steam in 2010 and may cause a trust
issue in search results among consumers, unless the search providers change
the way they document and present links.

6. Smartphones are hackers' next playground

At the end of 2009 Websense Security Labs documented four iPhone exploits in a span of a few weeks
-- representing the first major attacks on the iPhone platform and the
first iPhone data-stealing malware with bot functionality. Smartphones such
as the iPhone and Android, which are used increasingly for business
purposes, are essentially miniature personal computers and in 2010 will
face the same types of attacks that target traditional computing.
Additionally, poor security for applications on smartphones can put users'
and organizations' data at risk. With a rapidly growing user base, business
adoption and increasing use for conducting financial transactions with
these devices, hackers will begin more dedicated targeting of smartphones
in 2010.

7. Why corrupt a banner ad serve, when you can buy malvertising space?

In a high-profile incident in 2009, visitors to the New York Times Web
site saw a pop-up box warning them of a virus that directed them to an
offer for antivirus software, which was actually rogue AV. This attack was
served up through an advertisement purchased by someone posing as a
national advertiser. The successful attack was a worthwhile investment for
the criminals and so in 2010 Websense Security Labs predicts that more
malicious ads will be legitimately purchased by the bad guys.

8. 2010 will prove once and for all that Macs are not immune to exploits

Hackers have noticed Apple's rapid growth in market share in both the
consumer and corporate segments. There exists additional risk for Mac users
because many assume Macs are immune to security threats and therefore
employ less security measures and patches, so attackers have additional
incentive to go after the OS X platform. During 2009, Apple released six
large security updates for Macs showing the potential for attacks. In 2010,
there will be even more security updates as hackers ramp up attacks
targeting the platform. There is also the potential for the first drive-by
malware created to target Apple's Safari browser.

The dynamic nature of Web 2.0 attacks, the use of email to drive users to
malicious Web sites, and tactics like SEO poisoning and rogue AV all
demonstrate the need for organizations to have a unified content security
platform that protects against blended Web, email and data security
threats.

"The blended nature of today's threats mandates that a core understanding
of the Web must pervade all security measures -- and that email, Web and
data awareness must be integrated to protect organizations' information and
networks," said Devin Redmond, vice president of business development and
product management at Websense. "Our ability to anticipate, discover and
mitigate these evolving threats is a central part of our technology
strategy. We build that content and threat knowledge into our unified Web,
email and
data loss prevention solution and deliver that protection and control
to our customers and partners through industry-leading appliances,
security-as-a-service solutions and hybrid combinations of the two. As the
leader in content security, Websense is uniquely positioned to protect
organizations from today's threats."

The Websense Security Labs uses the Websense ThreatSeeker® Network to
discover, classify and monitor global Internet threats and trends. Every
hour, the ThreatSeeker Network scans more than 40 million Web sites and ten
million emails for unwanted content and malicious code. Using more than 50
million real-time data collecting systems, the Websense ThreatSeeker
Network parses through more than one billion pieces of content daily,
searching for emerging security threats. The Websense Security Labs
provides breaking alerts and blogs detailing emerging exploits on its blog
at http://securitylabs.websense.com.

Websense, the Websense Logo, ThreatSeeker and the YES! Logo are registered
trademarks of Websense, Inc. in the United States and/or other countries.
Websense has numerous other unregistered trademarks in the United States
and internationally. All other trademarks are the property of their
respective owners.

This news release contains forward-looking statements that involve risks,
uncertainties, assumptions and other factors which, if they do not
materialize or prove correct, could cause Websense results to differ
materially from historical results or those expressed or implied by such
forward-looking statements. All statements, other than statements of
historical fact, are statements that could be deemed forward-looking
statements, including statements about our technology and product
leadership, growth trends and expense management, and statements containing
the words "planned," "expects," "believes," "strategy," "opportunity,"
"anticipates" and similar words. The potential risks and uncertainties
which contribute to the uncertain nature of these statements include, among
others, risks associated with launching new product offerings, customer
acceptance of the company's services, products and fee structures in a
changing market; the success of Websense brand development efforts; the
volatile and competitive nature of the Internet and security industries;
changes in domestic and international market conditions, risks relating to
currency exchange rates and impacts of macro-economic conditions on our
customers, risks relating to the required use of cash for debt servicing,
the risks of ongoing compliance with the covenants in the senior secured
credit facility, risks related to changes in accounting interpretations and
the other risks and uncertainties described in Websense public filings with
the Securities and Exchange Commission, available
at www.websense.com/investors. Websense assumes no obligation to update any
forward-looking statement to reflect events or circumstances arising after
the date on which it was made.

Cloud Expo

Cloud Computing & All That
It Touches In One Location Cloud Computing - Big Data - Internet of Things
SDDC - WebRTC - DevOps
Cloud computing is become a norm within enterprise IT.

The competition among public cloud providers is red hot, private cloud continues to grab increasing shares of IT budgets, and hybrid cloud strategies are beginning to conquer the enterprise IT world.

Big Data is driving dramatic leaps in resource requirements and capabilities, and now the Internet of Things promises an exponential leap in the size of the Internet and Worldwide Web.

The world of SDX now encompasses Software-Defined Data Centers (SDDCs) as the technology world prepares for the Zettabyte Age.

Add the key topics of WebRTC and DevOps into the mix, and you have three days of pure cloud computing that you simply cannot miss.

Delegates will leave Cloud Expo with dramatically increased understanding the entire scope of the entire cloud computing spectrum from storage to security.

Cloud Expo - the world's most established event - offers a vast selection of 130+ technical and strategic Industry Keynotes, General Sessions, Breakout Sessions, and signature Power Panels. The exhibition floor features 100+ exhibitors offering specific solutions and comprehensive strategies. The floor also features two Demo Theaters that give delegates the opportunity to get even closer to the technology they want to see and the people who offer it.

Attend Cloud Expo. Craft your own custom experience. Learn the latest from the world's best technologists. Find the vendors you want and put them to the test.